From 19b49e80ee3b468ce1754f7b5dd62995f37b5e86 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Fri, 26 Sep 2008 17:21:01 -0400 Subject: add the sshd_rsa_authentication option, default set to no --- templates/sshd_config/CentOS_normal.erb | 7 ++++++- templates/sshd_config/Debian_normal.erb | 5 +++++ templates/sshd_config/Gentoo_normal.erb | 7 ++++++- templates/sshd_config/OpenBSD_normal.erb | 7 ++++++- 4 files changed, 23 insertions(+), 3 deletions(-) (limited to 'templates') diff --git a/templates/sshd_config/CentOS_normal.erb b/templates/sshd_config/CentOS_normal.erb index b0bea46..a5c9c89 100644 --- a/templates/sshd_config/CentOS_normal.erb +++ b/templates/sshd_config/CentOS_normal.erb @@ -44,7 +44,12 @@ PermitRootLogin without-password #StrictModes yes #MaxAuthTries 6 -#RSAAuthentication yes +<%- if real_sshd_rsa_authentication.to_s == 'yes' then %> +RSAAuthentication yes +<%- else %> +RSAAuthentication no +<%- end %> + <%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> PubkeyAuthentication yes <%- else %> diff --git a/templates/sshd_config/Debian_normal.erb b/templates/sshd_config/Debian_normal.erb index d105ecc..985840c 100644 --- a/templates/sshd_config/Debian_normal.erb +++ b/templates/sshd_config/Debian_normal.erb @@ -34,7 +34,12 @@ PermitRootLogin without-password <%- end %> StrictModes yes +<%- if real_sshd_rsa_authentication.to_s == 'yes' then %> RSAAuthentication yes +<%- else %> +RSAAuthentication no +<%- end %> + <%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> PubkeyAuthentication yes <%- else %> diff --git a/templates/sshd_config/Gentoo_normal.erb b/templates/sshd_config/Gentoo_normal.erb index 3538754..ee27732 100644 --- a/templates/sshd_config/Gentoo_normal.erb +++ b/templates/sshd_config/Gentoo_normal.erb @@ -47,7 +47,12 @@ PermitRootLogin without-password <%- end %> #MaxAuthTries 6 -#RSAAuthentication yes +<%- if real_sshd_rsa_authentication.to_s == 'yes' then %> +RSAAuthentication yes +<%- else %> +RSAAuthentication no +<%- end %> + <%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> PubkeyAuthentication yes <%- else %> diff --git a/templates/sshd_config/OpenBSD_normal.erb b/templates/sshd_config/OpenBSD_normal.erb index bee3548..3043922 100644 --- a/templates/sshd_config/OpenBSD_normal.erb +++ b/templates/sshd_config/OpenBSD_normal.erb @@ -40,7 +40,12 @@ PermitRootLogin without-password #StrictModes yes #MaxAuthTries 6 -#RSAAuthentication yes +<%- if real_sshd_rsa_authentication.to_s == 'yes' then %> +RSAAuthentication yes +<%- else %> +RSAAuthentication no +<%- end %> + <%- if real_sshd_sshd_pubkey_authentication.to_s == 'yes' then %> PubkeyAuthentication yes <%- else %> -- cgit v1.2.3